Random Thoughts

Pages

Tuesday, February 25, 2014

Recently for a project, I needed to build a Python, Django, PostgreSQL, NGINX Development Virtual Machine(VM). Below are the steps that I followed to build this VM in VMware Fusion on MacbookPro (MBP). This post is as much about sharing my build experience as documenting the steps for my future use and potential automation.

Click Add button and select New. This will bring up New Virtual Assistance Window showing Create New Virtual Machine.

Click Continue without disc as we will be using the downloaded ISO image. This will bring up Installation Media section.
Select Use operating system installation disc or image and click on arrows next to Choose a disc or disc image.... Select the Ubuntu ISO image and then click Continue.

Choose Operating System section should show Linux as Operating System and Ubuntu 64-bit as Version. Click Continue.

The Finish section will show Virtual Machine Summary, Click Finish. Select the location where we want to save the VM file and name the file.

A console window will be launched and OS install will start. Answered the prompts during the install process. Once update and reboot completes, a login prompt will appear. Log in to VM.

OpenSSH Server

After login, install OpenSSH Server to enable access to Ubuntu VM over SSH.

$sudo apt-get install openssh-server

Check whether SSH process is running.

$service ssh status

Either note down the IP address of VM from login screen (shown above) or using ifconfig command to be able to SSH into the VM remotely.

$ssh anil@172.16.191.158

You may need to remove SSH key if there is a fingerprint mismatch between the VM and remote client.

$ssh-keygen -R 172.16.191.158

Update Packages

You need to make sure all installed packages are current. Download any package updates and install.

At this point VM is ready for installation of Python Virtualenv, Django, PostgreSQL, NGINX, and Gunicorn.

Python Virtualenv

Virtualenv is Virtual Python Environment builder to create separate Python environments. This enables to keep installations, dependencies, versions and permissions separate for different applications across different virtual environments.

Install python-virtualenv.

anil@django:~$ sudo apt-get install python-virtualenv
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
python-pip python-setuptools
The following NEW packages will be installed:
python-pip python-setuptools python-virtualenv
...

Now, we need to create a virtual environment for our project (in this case, lendcafe) where we can install Python and Django packages.

NGINX

NGINX is an open source HTTP server and reverse proxy. It is known for high performance and low resource utilization. Instead of relying on threads to handle requests, it uses event-driven asynchronous architecture.

Create a user. Answer the prompts. I decided to not make this user superuser, allow this new user to create databases or new roles.

postgres@django:~$ createuser -P
Enter name of role to add: anil
Enter password for new role:
Enter it again:
Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) n
Shall the new role be allowed to create more new roles? (y/n) n

Create a new database. I named this database to be lendcafe.

postgres@django:~$ createdb lendcafe

To grant new user access to this database, first access the PostgreSQL interactive terminal and then grant all privileges. Type \q to quit.

Start a new Django project. If you receive permission denied error as shown below, change the ownership of your environment directory. Then start a new Django project again. Check to make sure the project directory was created in virtualenv directory.

My issue turned out that I originally installed Django as root user while I was trying to run the above command as different user. When I ran the above command with sudo, I encountered a different error.

NGINX is a reverse proxy and HTTP server. There are two blocks, Server-block and Location-blocks in configuration file that we will be primarily working with. The server-block is very similar to virtual host and location-block to URI. There is much more information available in NGINX Beginner's Guide.

Create a new NGINX config file lendcafe in /etc/nginx/sites-available/ directory and enter the following configuration information.

Tuesday, February 11, 2014

Install Addendum

Enable VT in BIOS

An addendum to install steps defined in my previous post OpenStack: Quick Install using DevStack is required to avoid a surprise that I encountered after the install. Please check to make sure BIOS is at latest version available from the system manufacturer and Intel's Virtualization Technology (VT) is enabled in BIOS.

If CPU doesn't support VT, the output will show CPU does not support KVM extensions.
The OpenStack Horizon Dashboard is implemented as a Python/Django web application that provides admin and user interface to OpenStack services.

Horizon Dashboard

Log in

In web browser, type the IP address for the dashboard. On Log In page enter User Name and Password and click Sign In. When signing in as Admin, the home page shows the Admin panel - System Panel - Overview.

Existing Virtual Machine Images

By clicking Images category in Admin - System panel on the left, a list of available images are viewed. In default installation, CirrOS x86_64 image is made available in AMI/ARI/AKI format.

CirrOS images are tiny cloud guest images with minimal Linux distribution that can also be downloaded from LaunchPad. The AMI/ARI/AKI is the image format supported by Amazon EC2. AMI (Amazon Machine Image) is a virtual machine raw image. ARI (Amazon Kernel Image) is a kernel file (vmlinuz) that will load initially to boot image. ARI (Amazon Ramdisk Image) is ramdisk file (initrd) mounted at boot time.

Launch Instances

Clicking on the Project tab in left panel shows the overview of current project.

To launch an instance from an image, click Images and Snapshot category in Project - Manage Compute panel on the left.

Select an image and click Launch. A Launch Instance modal pop-up appear. Enter a name in Instance Name field in Details tab.

Clicking on Instance Name hyperlink shows the Instance Details for that specific instance with three tabs for Overview, Log and Console.

Though the Project - Manage Compute - Instances page shows instance to be Active and Running, the console for the instance is displaying an error message.

This kernel requires an x86-64 CPU, but only detected an i686 CPU.
Unable to boot - please use a kernel appropriate for your CPU.

Error Troubleshooting

A little bit of googling suggested to check whether the 64-bit PC (amd64, x86_64) or 32-bit PC (x86) version of host operating system is installed. Sure enough, the Ubuntu version installed on OSCloud host is x86 and not x86-64 version. I can't use x86-64 instance images on OSCloud host.

Create Images

To create images, on Admin tab, select Images and then click Create Image button in right pane. On Create An Image page, enter Name for the image, select Image Source, Image Location, and Format. Select the Public checkbox to make available this image to everyone. Then click Create Image. The image will be queued for creation.

Once images are created, they will be available to launch instances in projects following the steps listed above in Launch Instances section.

In next blog post, I will start to dig deeper into high level solution design using OpenStack. Your feedback and comments are welcome.

Tuesday, February 04, 2014

Though not a recommended method for installing OpenStack for production, DevStack offers an easy method to install and run an OpenStack cloud either on hardware or even within virtual machine.

In this post, I walk through installing OpenStack using DevStack on an old Sony Vaio laptop on local network. The DevStack site provides instructions for installing OpenStack on Virtual Machines and on Hardware. The detailed instructions for installing OpenStack on a single hardware machine, that I followed, are available at DevStack.

Install Ubuntu Server OS

I repurposed a SONY VAIO laptop for DevStack install that was originally wiped clean with Darik's Boot and Nuke in preparation for disposal.

Booted Sony laptop using the Ubuntu minimal CD and selected Install from Installer boot menu, followed the prompts, and accepted default options for most prompts. It takes over an hour for the installation to download and install the base system.

While trying to access Ubuntu server from MPB over SSH, I received following error.

ANILs-MacBook-Pro:~ anilgupta$ ssh anil@10.0.1.25
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
26:54:a3:4e:cd:a3:6c:80:f3:36:2c:b3:c9:17:f0:db.
Please contact your system administrator.
Add correct host key in /Users/anilgupta/.ssh/known_hosts to get rid of this message.
Offending RSA key in /Users/anilgupta/.ssh/known_hosts:6
RSA host key for 10.0.1.25 has changed and you have requested strict checking.
Host key verification failed.

This is well-known error when there is fingerprint mismatch between the host (Ubuntu Server) and client (MBP). In this case, as there is no malicious attempt, I removed the offending key from MBP using ssh-keygen -R command.

Make a copy of local.conf file from devstack/samples folder to devstack folder

anil@OSCloud:~/devstack$ cp samples/local.conf local.conf

Open local.conf file in editor and add the listed configuration changes in [[local|localrc]] section. I chose to have same password as ADMIN for other accounts. I also chose to enable Swift. Save the file.

anil@OSCloud:~/devstack$ ./stack.sh
[sudo] password for anil:
Using mysql database backend
################################################################################
ENTER A SERVICE_TOKEN TO USE FOR THE SERVICE ADMIN TOKEN.
################################################################################
This value will be written to your localrc file so you don't have to enter it
again. Use only alphanumeric characters.
If you leave this blank, a random default value will be used.
Enter a password now:
select_password
2014-01-29 12:48:57 + echo_summary 'Installing package prerequisites'
...

Once install finishes, access information for the OpenStack cloud is displayed.

Horizon is now available at http://10.0.1.25/
Keystone is serving at http://10.0.1.25:5000/v2.0/
Examples on using novaclient command line is in exercise.sh
The default users are: admin and demo
The password: select_password
This is your host ip: 10.0.1.25
stack.sh completed in 339 seconds.

The OpenStack logs are stored in /opt/stack/logs directory. The latest detailed log can be accessed using symlink /opt/stack/logs/stack.sh.log. Unless there are errors, the latest summary log symlink /opt/stack/logs/stack.sh.log.summary is sufficient to check for installed, configured, and status of services.

Restart DevStack

Bring volume group online so that cinder-volume will start without errors

sudo losetup -f /opt/stack/data/stack-volumes-backing-file

Use rejoin-stack.sh to restart the DevStack

./rejoin-stack.sh &

Reboot Host

After rebooting the Host, when I tried to login to dashboard, I received the error An error occurred authenticating. Please try again later. The /var/log/apache2/horizon_error.log only shows Login failed for user "admin" as entry. Checked the SELINUX status.

anil@OSCloud:~/devstack$ sestatus
SELinux status: disabled

The reason turned out that I needed to restart Devstack by using the command listed above in Restart DevStack section.

New Service by Random Thoughts

A web service to help lenders on peer to peer lending platforms with new loans selection, portfolio analysis, and secondary market note pricing.

Affiliate Links: Support this Blog

DISCLAIMER:

All data and information provided on this site is for informational purposes only. Random Thoughts is not compensated unless readers choose to sign up or purchase by clicking through the provided affiliate banners and links. Random Thoughts makes no representations as to accuracy, completeness, currentness, suitability, or validity of any information on this site. All information is provided on an as-is basis.